authorDan Williams <dcbw@redhat.com>2014-01-21 13:41:18 -0600
committerDan Williams <dcbw@redhat.com>2014-03-25 12:29:19 -0500
commitf15daac0921ef2b489115c320cea914e78c34c0a (patch)
tree7f9d75d2a12977b8d78a77bd81b01836920a9d4f
parentda59b6d2229b85afbb9e14846931376340dc6030 (diff)
core: respect connection permissions for internal activation requests
Similar to "core: respect connection user permissions for activation/deactivation", if a master connection is being activated because a slave connection requested it, ensure that the user requesting the master connection is allowed to activate it. Backport-of: efd0e2a589866de0b9fc71253325fcde33a847ac
-rw-r--r--src/nm-manager.c14
1 files changed, 14 insertions, 0 deletions
diff --git a/src/nm-manager.c b/src/nm-manager.c
index c91fb30692..9dc475bd18 100644
--- a/src/nm-manager.c
+++ b/src/nm-manager.c
@@ -2891,6 +2891,7 @@ nm_manager_activate_connection (NMManager *manager,
NMConnection *master_connection = NULL;
NMActiveConnection *master_ac = NULL;
gboolean matched;
+ char *error_desc = NULL;
g_return_val_if_fail (manager != NULL, NULL);
g_return_val_if_fail (connection != NULL, NULL);
@@ -2912,6 +2913,19 @@ nm_manager_activate_connection (NMManager *manager,
dbus_error_free (&dbus_error);
return NULL;
}
+
+ /* Ensure the subject has permissions for this connection */
+ if (!nm_auth_uid_in_acl (connection,
+ priv->session_monitor,
+ sender_uid,
+ &error_desc)) {
+ g_set_error_literal (error,
+ NM_MANAGER_ERROR,
+ NM_MANAGER_ERROR_PERMISSION_DENIED,
+ error_desc);
+ g_free (error_desc);
+ return NULL;
+ }
}
/* VPN ? */
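Review bot: The new ACL check sits inside the block that closes right after it, so any call that skips that block also skips `nm_auth_uid_in_acl()`; the block's condition is outside the hunk, but from the `dbus_error` and `sender_uid` lines it looks like the branch taken only when a D-Bus sender is known. If requests without a sender are meant to be trusted, say so above the check, e.g. `/* Requests with no D-Bus sender are internal and deliberately skip the ACL check */`, so that a later refactor does not silently widen the unchecked path. Separately, `error_desc` is handed to `g_set_error_literal()` unchecked; unless `nm_auth_uid_in_acl()` guarantees it is set on every FALSE return (not visible here), pass `error_desc ? error_desc : "Permission denied"` so the caller never gets NULL back with no error set.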